Jump to content

(Urgent possible security breach) using cloudproxi of sucuri.net

Featured Replies

Posted

Hello, equipment and support'm using a cloudproxi of sucuri.net to protect us from DDoS attacks as well as having a distributed load balancer. biene problem that now everyone when they visit the forum appears the accounts of other members or administrator initiated without them doing anything.

 

I activated the service within the panel following the link: http://prntscr.com/79e8qs

 

even so the problem continues we are afraid that some visitors will see the account of a member or manager connected may harm or violate their privacy.

 

we simply trust that the support team Invision Power Forum will give us a solution quickly. no more thanks a hug forgive the inconvenience greetings from Spain

  • Community Expert

Please submit a ticket (if you haven't done so already) so we can look at it appropriately. 

  • Author

I sent a ticket to a still day unanswered I send mail from my account by private message

IPS was closed for the holiday weekend, they re-opened this morning and will be getting to the tickets throughout the day.

This is probably a result of some full-page caching Sucuri's proxy is performing. It seems likely to me that's Sucuri's problem, not IPS's. Have you tried contacting Sucuri or disabling any caching features there?

I'm using sucuri too, and this problem exists with IPS 3.4.x aswell, didn't test it on IPS 4.x.
Solution was disabling sucuris caching function, I really doubt that it is a IPS problem though and it's just how sucuri caches stuff I've contacted them and this was the only solution we could work out...

  • Author

hello, my dear forgive the delay understand that I must disable cacheamiento thus work as normal truth Ahmad El-Oukly tell me I have to disable sucuri.net thanks

hello, my dear forgive the delay understand that I must disable cacheamiento thus work as normal truth Ahmad El-Oukly tell me I have to disable sucuri.net thanks

​Just disable the caching of sucuri, http://i.imgur.com/BZUljY3.pngx

  • Author

hello, again Ahmad El-Oukly thanks for this recommendation did what I said I think that currently there again step above problems. So if I put the next tab activated tell me right or wrong forum: http://prntscr.com/79oqhp

I understand that if we leave this option disabled sucuri run some risk of being attacked with DDoS or injeccion slq or security is also maintained. I hope your answer thanks greetings from Spain

hello, again Ahmad El-Oukly thanks for this recommendation did what I said I think that currently there again step above problems. So if I put the next tab activated tell me right or wrong forum: http://prntscr.com/79oqhp

I understand that if we leave this option disabled sucuri run some risk of being attacked with DDoS or injeccion slq or security is also maintained. I hope your answer thanks greetings from Spain

​Leave the forum setting enabled.
Also disabling caching won't make you vulnerable to any exploits however your site may run slower.

  • Author

thank I understand let the forum as I showed in the screenshot. nothing more you have the same system sucuri by what I see. you have proven to ask the support team if you can cache parts of the forum or if we set the minimum cached in sucuri or ariesgado ten encuenta than others appear connected accounts of others like me could be a problem luckily you could give me the answer. If you have a forum host it on www.ovh.com I recommend it is the third largest supplier of hosting world safer. They also frisked also my self-hosting cdn so in settings check sucuri cdn others.

 

thanks no more a hug from Spain invite you to meet my forum is about www.raidcall.es www.foro.raidcall.es program VoIP voice I am the owner of the site Spanish but the program is the .com but worth it you tell

  • Author

Thanks invision power equipment as well as members for the great help. in the end we turned off the forum caching to avoid caching the sessions. Now you can close the ticket a hug from Spain to all

Archived

This topic is now archived and is closed to further replies.

Recently Browsing 0

  • No registered users viewing this page.